Monday, June 06, 2005

There are many reasons why copy protection of things like music and films is useless/stupid/harmful/etc. This post on Slashdot nicely explains one technological aspect of why it's useless:

Cory Doctorow explained it very nicely (in his talk to the Microsoft Research group to be found here [craphound.com]):

Cryptography - secret writing - is the practice of keeping secrets. It involves three parties: a sender, a receiver and an attacker [...]. We usually call these people Alice, Bob and Carol. [A few explanations of cipher, ciphertext and key] In DRM, the attacker is *also the recipient*. It's not Alice and Bob and Carol, it's just Alice and Bob. So Alice has to provide Bob - the attacker - with the key, the cipher and the ciphertext.

Hilarity ensues.

DRM systems are usually broken in minutes, sometimes days. Rarely, months. It's not because the people who think them up are stupid. It's not because the people who break them are smart. It's not because there's a flaw in the algorithms. At the end of the day, all DRM systems share a common vulnerability: they provide their attackers with ciphertext, the cipher and the key. At this point, the secret isn't a secret anymore.